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(1) Real Party in Interest 

A statement identifying by name the real party in interest is contained in the brief. 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial 
proceedings which will directly affect or be directly affected by or have a bearing on the 
Board's decision in the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is correct. 

(4) Status of Amendments After Final 

The appellant's statement of the status of amendments after final rejection 
contained in the brief is correct. 

(5) Summary of Claimed Subject Matter 

The summary of claimed subject matter contained in the brief is correct. 

(6) Grounds of Rejection to be Reviewed on Appeal 

The appellant's statement of the grounds of rejection to be reviewed on appeal is 
correct. 

(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Evidence Relied Upon 

6754709 GBADEGESIN 6-2004 

2002/0124090 POIER 9-2002 
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"The TCP Datagram, I wanted to know and now you can too (part 2)", April 8, 2001, pp. 
1-3 

Ross et al., "3.3 Connectionless Transport: UDP", 2000, pp. 1-6 

Cheng et al., "WTCP: an Efficient Transmission Control Protocol for Wired/Wireless 

Internetworking", November 11, 1999, pp. 176-185 

Leech et al., "RFC 1928 - SOCKS Protocol Version 5", March, 1996, pp. 1-8 
(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 1-3, 7, 8, 12, 14, 19-31, 33-40, 43-46, 49-55, 58-63, 66-70, 73, and 74 
are rejected under 35 U.S.C. 102(e) as being anticipated by Gbadegesin (U.S. Patent 
6,754,709). 

Regarding Claim 1, 
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Gbadegesin discloses a method for handling digital data packets at 
a logical borderline that separates an untrusted packet-switched 
information network from a protected domain, comprising the steps of: 

Intercepting, at a packet processor part, a packet that is in transit 
between the untrusted packet-switched information network and the 
protected domain (Column 7, lines 50-65), 

Examining the packet at the packet processor part in order to 
determine, whether the packet contains digital data that pertains to a 
certain protocol (Column 7, line 66 to Column 8, line 16; and Column 8, 
lines 43-52), 

If the packet is not found to contain digital data that would pertain to 
the certain protocol, processing the packet at the packet processor part 
(Column 7, line 50 to Column 8, line 16), and 

If the packet is found to contain digital data that pertains to the 
certain protocol, redirecting the packet to an application gateway part 
(Column 7, line 66 to Column 8, line 16; and Column 8, line 53 to Column 
9, line 5) and processing the packet at the application gateway part 
according to a set of processing rules based on obedience to the certain 
protocol (Column 8, lines 17-30; and Column 8, line 53 to Column 9, line 
5); 

Wherein the packet processor part is a kernel mode process 
running in a computer device (Column 7, lines 50-65) and the application 
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gateway part is a user mode process running in a computer device 
(Column 8, lines 17-30). 
Regarding Claim 53, 

Claim 53 is a system claim that corresponds to method claim 1 and 
is rejected for the same reasons. 
Regarding Claim 68, 

Claim 68 is a software program product that corresponds to method 
claim 1 and is rejected for the same reasons. 
Regarding Claim 2, 

Gbadegesin discloses, regarding a packet that is redirected from 
the packet processor part to the application gateway part: 

Replacing an original value of a certain destination information field 
within the packet with a replacement value that identifies the application 
gateway part as the destination of the packet (Column 8, line 53 to 
Column 9, line 5), 

Indicating from the packet processor part to the application gateway 
part the original value of the destination information field found in the 
packet at the moment of intercepting the packet at the packet processor 
part (Column 8, line 53 to Column 9, line 5) and 

Using the indicated original value of the destination information field 
at the application gateway part in processing the packet (Column 8, line 
53 to Column 9, line 5). 
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Regarding Claim 39, 

Claim 39 is a method claim that is broader than method claim 2 and 
is rejected for the same reasons. 
Regarding Claim 43, 

Claim 43 is a method claim that is broader than method claim 2 and 
is rejected for the same reasons. 
Regarding Claim 51, 

Claim 51 is a method claim that is broader than method claim 2 and 
is rejected for the same reasons. 
Regarding Claim 54, 

Claim 54 is a system claim that corresponds to method claim 2 and 
is rejected for the same reasons. 
Regarding Claim 62, 

Claim 62 is a device claim that is broader than method claim 2 and 
is rejected for the same reasons. 
Regarding Claim 66, 

Claim 66 is a device claim that is broader than method claim 2 and 
is rejected for the same reasons. 
Regarding Claim 69, 

Claim 69 is a software program product claim that is broader than 
method claim 2 and is rejected for the same reasons. 
Regarding Claim 73, 
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Claim 73 is a software program product claim that is broader than 
method claim 2 and is rejected for the same reasons. 
Regarding Claim 3, 

Gbadegesin discloses replacing an original value of a certain 
source information field within the packet with a replacement value that 
identifies the packet processor part as the source of the packet (Column 6, 
lines 31-57), 

Indicating from the packet processor part to the application gateway 
part the original value of the source information field found in the packet at 
the moment of intercepting the packet at the packet processor part 
(Column 9, lines 26-44) and 

Using the indicated original value of the source information field at 
the application gateway part in processing the packet (Column 9, lines 26- 
44). 

Regarding Claim 40, 

Claim 40 is a method claim that is broader than method claim 3 and 
is rejected for the same reasons. 
Regarding Claim 44, 

Claim 44 is a method claim that is broader than method claim 3 and 
is rejected for the same reasons. 
Regarding Claim 52, 
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Claim 52 is a method claim that is broader than method claim 3 and 
is rejected for the same reasons. 
Regarding Claim 55, 

Claim 55 is a system claim that corresponds to method claim 3 and 
is rejected for the same reasons. 
Regarding Claim 63, 

Claim 63 is a device claim that is broader than method claim 3 and 
is rejected for the same reasons. 
Regarding Claim 67, 

Claim 67 is a device claim that is broader than method claim 3 and 
is rejected for the same reasons. 
Regarding Claim 70, 

Claim 70 is a software program product claim that is broader than 
method claim 3 and is rejected for the same reasons. 
Regarding Claim 74, 

Claim 74 is a software program product claim that is broader than 
method claim 3 and is rejected for the same reasons. 
Regarding Claim 7, 

Gbadegesin discloses that steps of indicating the original values of 
certain fields comprise transmitting the original values of such fields from 
the packet processor part to the application gateway part separately from 
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the redirected packet, the certain fields including at least one of a source 

field and a destination field (Column 9, lines 26-44). 
Regarding Claim 8, 

Gbadegesin discloses, at the packet processor part: 
Composing a messaging packet that conforms to a messaging 

protocol, and inserting the original values of the certain fields into the 

messaging packet together with the replacement values (Column 9, lines 

26-44), and 

Transmitting the messaging packet to the application gateway part 
(Column 9, lines 26-44); and 

At the application gateway part: 

Receiving the messaging packet (Column 9, lines 26-44), and 
Associating the original values of the certain fields read from the 
messaging packet with the replacement values found in the redirected 
packet (Column 9, lines 26-44). 
Regarding Claim 12, 

Gbadegesin discloses that the step of transmitting from the 
application gateway part to the packet processor part a query for the 
original values of certain fields, so that the packet processor part only 
transmits the original values of the certain fields to the application gateway 
part as a response to the query (Column 9, lines 26-44). 
Regarding Claim 14, 
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Gbadegesin discloses that the step of transmitting the original 
values of the certain fields from the packet processor part to the 
application gateway part running in the same computer device with the 
packet processor part through a communications routine that is internal to 
that computer device and relies on functions defined in an OS of that 
computer device (Column 7, line 50 to Column 8, line 30; and Column 8, 
line 43 to Column 9, line 5). 

Regarding Claim 19, 

Gbadegesin discloses that the step of redirecting the packet to the 
application gateway part involves only transferring the packet to a logically 
separate entity within the same physical device where the packet 
processor part resides (Column 7, line 50 to Column 8, line 30; and 
Column 8, line 43 to Column 9, line 5). 

Regarding Claim 58, 

Claim 58 is a system claim that corresponds to method claim 19 
and is rejected for the same reasons. 

Regarding Claim 20, 

Gbadegesin discloses that the step of redirecting the packet to the 
application gateway part involves transferring the packet to a device that is 
physically separate from the device where the packet processor part 
resides (Column 6, lines 31-57). 

Regarding Claim 59, 
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Claim 59 is a system claim that corresponds to method claim 20 
and is rejected for the same reasons. 
Regarding Claim 21, 

Gbadegesin discloses, after the step of processing the packet at 
the application gateway part, the further steps of: 

Returning the processed packet from the application gateway part 
to the packet processor part (Column 8, line 53 to Column 9, line 5) and 

Forwarding such a returned packet from the packet processor part 
towards an original destination that the packet had at the moment of it 
becoming intercepted (Column 8, line 53 to Column 9, line 5). 
Regarding Claim 22, 

Gbadegesin discloses composing at the packet processor part a 
mapping function that associates a packet redirected to the application 
gateway part with an original value of a certain destination information 
. field that the packet had at the moment of it becoming intercepted 
(Column 8, line 53 to Column 9, line 44) and 

As a response to receiving a processed packet from the application 
gateway part to the packet processor part, using the mapping function to 
restore the original value of the destination information field in that 
processed packet (Column 8, line 53 to Column 9, line 44). 
Regarding Claim 23, 
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Gbadegesin discloses that the mapping function also associates a 
packet redirected to the application gateway part with an original value of 
a certain source information field that the packet had at the moment of it 
becoming intercepted (Column 6, lines 31-57), and as a response to 
receiving a processed packet from the application gateway part to the 
packet processor part, the mapping function is also used to restore the 
original value of the source information field in that processed packet 
(Column 8, line 53 to Column 9, line 44). 
Regarding Claim 24, 

Gbadegesin discloses transmitting from the application gateway 
part to the packet processor part information that associates a processed 
packet returned from the application gateway part to the packet processor 
part with an original value of a certain destination information field that the 
processed packet had at the moment of it becoming intercepted (Column 
6, lines 31-57) and 

As a response to receiving a processed packet from the application 
gateway part to the packet processor part, using the transmitted 
information to restore the original value of the destination information field 
in that processed packet (Column 6, lines 31-57). 

This is performed with the session identifiers and port numbers that 
are used between the packet processor part and the application gateway 
part. 
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Regarding Claim 25, 

Gbadegesin discloses transmitting from the application gateway 
part to the packet processor part information that associates a processed 
packet returned from the application gateway part to the packet processor 
part with an original value of a certain source information field that the 
processed packet had at the moment of it becoming intercepted (Column 
6, lines 31-57) and 

As a response to receiving a processed packet from the application 
gateway part to the packet processor part, using the transmitted 
information to restore the original value of the source information field in 
that processed packet (Column 6, lines 31-57). 
Regarding Claim 26, 

Gbadegesin discloses, after the step of processing the packet at 
the application gateway part, the further step of: 

Forwarding such a processed packet from the application gateway 
part towards an original destination that the packet had at the moment of 
becoming intercepted, without circulating the forwarded packet through 
the packet processor part (Column 10, lines 19-36). 
Regarding Claim 27, 

Gbadegesin discloses transmitting from the packet processor part 
to the application gateway part information that associates each packet 
redirected from the packet processor part to the application gateway part 
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with an original value of a certain destination information field that the 
redirected packet had at the moment of it becoming intercepted (Column 
8, line 53 to Column 9, line 5) and 

After a packet has been processed at the application gateway part, 
using the transmitted information to restore the original value of the 
destination information field in that packet (Column 8, line 53 to Column 9, 
line 5). 

Regarding Claim 45, 

Claim 45 is a method claim that is broader than method claim 27 
and is rejected for the same reasons. 

Regarding Claim 28, 

Gbadegesin discloses transmitting from the packet processor part 
to the application gateway part information that associates each packet 
redirected form the packet processor part to the application gateway part 
with an original value of a certain source information field that the 
redirected packet had at the moment of it becoming intercepted (Column 
6, lines 31-57; and Column 9, lines 26-44) and 

After a packet has been processed at the application gateway part, 
using the transmitted information to restore the original value of the source 
information field in that packet (Column 9, lines 26-44). 

Regarding Claim 46, 
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Claim 46 is a method claim that is broader than method claim 28 
and is rejected for the same reasons. 
Regarding Claim 29, 

Gbadegesin discloses that the packets are handled in packet 
streams, all packets of an individual packet stream having the same 
values in certain source and destination information fields of each packet, 
and wherein if the first intercepted packet of a certain packet stream is 
found to contain digital data that pertains to the certain protocol, that 
packet and all subsequent packets belonging to the same packet stream 
are redirected to the application gateway part and processed at the 
application gateway part according to the set of processing rules based on 
obedience to the certain protocol (Column 9, line 66 to Column 10, line 
36). 

Regarding Claim 30, 

Gbadegesin discloses, within the first packet and all subsequent 
packets of a certain packet stream that is found to contain digital data that 
pertains to the certain protocol, replacing an original value of a certain 
destination information field with a replacement value that identifies the 
application gateway part as the destination of the packets, thus enabling 
redirecting to the application gateway part (Column 9, line 66 to Column 
10, line 36), 
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Indicating from the packet processor part to the application gateway 
part the original value of the destination information field found in the first 
redirected packet of a packet stream at the moment of intercepting the 
packet at the packet processor part (Column 8, line 53 to Column 9, line 5) 
and 

Using the indicated original value of the destination information field 
at the application gateway part in processing the packets of the redirected 
packet stream (Column 8, line 53 to Column 9, line 5). 
Regarding Claim 31, 

Gbadegesin discloses, within the first packet and all subsequent 
packets of a certain packet stream that is found to contain digital data that 
pertains to the certain protocol, replacing also an original value of a certain 
source information field with a replacement value that identifies the packet 
processor part as the source of the packets (Column 6, lines 31-57; and 
Column 9, lines 26-44), 

Indicating from the packet processor part to the application gateway 
part the original value of the source information field found in the first 
redirected packet of a packet stream at the moment of intercepting the 
packet at the packet processor part (Column 9, lines 26-44) and 

Using the indicated original value of the source information field at 
the application gateway part in processing the packets of the redirected 
packet stream (Column 9, lines 26-44). 
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Regarding Claim 33, 

Gbadegesin discloses that the packets of an individual packet 
stream belong to an individual TCP connection (Column 7, lines 28-36). 
Regarding Claim 34, 

Gbadegesin discloses, between the steps of redirecting the packet 
to the application gateway part and processing the packet at the 
application gateway part, a step of removing from the redirected packet . 
any traces of it having been redirected, so that the application gateway 
part processes the packet as if it had received the packet for processing 
immediately after the packet was intercepted (Column 8, line 43 to 
Column 9, line 5). 
Regarding Claim 35, 

Gbadegesin discloses, after the step of processing the packet at 
the application gateway part, the steps of: 

Re-inserting into the processed packet the redirection information 
that was removed from the packet before processing the packet at the 
application gateway part, so that after the re-inserting the packet contains 
values that identify the application gateway part as the source and the 
packet processor part as the destination of the packet (Column 8, line 43 
to Column 9, line 5), 

Returning the processed packet from the application gateway part 
to the packet processor part (Column 8, line 43 to Column 9, line 5) and 
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Forwarding such a returned packet from the packet processor part 
towards an original destination that the packet had at the moment of it 
becoming intercepted (Column 8, line 43 to Column 9, line 5). 
Regarding Claim 36, 

Gbadegesin discloses, after a certain packet has been redirected 
from the packet processor part, dynamically establishing a new instruction 
for the packet processor part regarding the redirecting of subsequently 
arriving packets that have a certain relationship to the packet that was 
redirected from the packet processor part to the application gateway part 
(Column 6, line 58 to Column 7, line 2). 
Regarding Claim 37, 

Gbadegesin discloses detecting at the application gateway part that 
a packet that was redirected from the packet processor part to the 
application gateway part contains data that pertains to a certain control 
channel defined in a protocol that also defines a data channel associated 
with the control channel (Column 6, line 58 to Column 7, line 2; and 
Column 10, lines 37-55), 

Establishing a new instruction for the packet processor to redirect 
to the application gateway part subsequently arriving packets that contain 
data that pertains to the data channel (Column 6, line 58 to Column 7, line 
2), and 
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Communicating the established new instruction from the application 
gateway part to the packet processor part (Column 6, line 58 to Column 7, 
line 2). 
Regarding Claim 38, 

Gbadegesin discloses detecting that a packet that was redirected 
from the packet processor part to the application gateway part is 
associated with a certain first port number and contains data that pertains 
to a certain protocol that defines that also a certain second port number 
should be reserved to that certain protocol (Column 8, line 43 to Column 
9, line 5), and 

Establishing a new instruction for the packet processor part to 
redirect to the application gateway part subsequently arriving packets that 
are associated with the second port number (Column 6, line 58 to Column 
7, line 2). 
Regarding Claim 49, 

Gbadegesin discloses that the step of examining the packet in 
order to determine whether the packet contains digital data that pertains to 
a certain protocol involves handling the packet according to a set of 
packet filtering rules (Column 6, lines 31-57). 
Regarding Claim 50, 

Gbadegesin discloses that the step of examining the packet in 
order to determine whether the packet contains digital data that pertains to 
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a certain protocol involves checking whether the packet belongs to a 
connection or flow all packets of which should be redirected to the 
application gateway part (Column 6, lines 31-57). 

Regarding Claim 60, 

Gbadegesin discloses that the second computer is arranged to run 
several application gateway parts as simultaneously or alternately active 
user mode processes (Column 6, line 58 to Column 7, line 2). 

Regarding Claim 61, 

Gbadegesin discloses several second computer devices, each of 
which has a communications connection with the first computer device 
and each of which is arranged to run at least one application gateway part 
as a user mode process (Column 4, lines 45-64). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 4, 15-17, 41, 42, 47, 48, 56, 57, 64, 65, 71, and 72 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Gbadegesin in view of Poier (U.S. Patent 
Application Publication 2002/0124090). 

Regarding Claim 4, 
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Gbadegesin does not disclose that steps of indicating the original 
values of certain fields comprise transmitting the original values of such 
fields from the packet processor part to the application gateway part 
together with the redirected packet, the certain fields including at least one 
of a source field and a destination field. 

Poier, however, discloses that steps of indicating the original values 
of certain fields comprise transmitting the original values of such fields 
from the packet processor part to the application gateway part together 
with the redirected packet, the certain fields including at least one of a 
source field and a destination field (Page 3, Paragraph 22). It would have 
been obvious to one of ordinary skill in the art at the time of applicant's 
invention to incorporate the VPN of Poier into the NAT/application 
gateway of Gbadegesin in order to allow the NAT and application gateway 
to deal with encrypted packets that are part of a VPN connection. 
Regarding Claim 15, 

Gbadegesin discloses, regarding a packet that is redirected from 
the packet processor part to the application gateway part: 

Using the original value of a destination information field in the 
packet at the application gateway part in processing the packet (Column 
8, line 53 to Column 9, line 5), but does not disclose prepending a header 
to the packet at the packet processor part, the prepended header 
containing a value that identifies the application gateway part as the 
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destination of the packet and stripping the header from the packet at the 
application gateway part. 

Poier, however, discloses prepending a header to the packet at the 
packet processor part, the prepended header containing a value that 
identifies the application gateway part as the destination of the packet 
(Page 3, Paragraph 22), and stripping the header from the packet at the 
application gateway part (Page 3, Paragraph 22). It would have been 
obvious to one of ordinary skill in the art at the time of applicant's invention 
to incorporate the VPN of Poier into the NAT/application gateway of 
Gbadegesin in order to allow the NAT and application gateway to deal 
with encrypted packets that are part of a VPN connection. 

Regarding Claim 41, 

Claim 41 is a method claim that is broader than method claim 15 
and is rejected for the same reasons. 

Regarding Claim 47, 

Claim 47 is a method claim that is broader than method claim 15 
and is rejected for the same reasons. 

Regarding Claim 56, 

Claim 56 is a system claim that corresponds to method claim 15 
and is rejected for the same reasons. 

Regarding Claim 64, 
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Claim 64 is a device claim that is broader than method claim 15 
and is rejected for the same reasons. 
Regarding Claim 71, 

Claim 71 is a software program product claim that is broader than 
method claim 15 and is rejected for the same reasons. 
Regarding Claim 16, 

Gbadegesin as modified by Poier disclose the method of claim 15, 
in addition, Poier discloses that the prepended header also contains a 
value that identifies the packet processor part as the source of the packet 
(Page 3, Paragraph 22). 
Regarding Claim 42, 

Claim 42 is a method claim that is broader than method claim 16 
and is rejected for the same reasons. 
Regarding claim 48, 

Claim 48 is a method claim that is broader than method claim 16 
and is rejected for the same reasons. 
Regarding Claim 57, 

Claim 57 is a system claim that corresponds to method claim 16 
and is rejected for the same reasons. 
Regarding Claim 65, 

Claim 65 is a device claim that corresponds to method claim 16 and 
is rejected for the same reasons. 
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Regarding Claim 72, 

Claim 72 is a software program product claim that is broader than 
method claim 16 and is rejected for the same reasons. 
Regarding Claim 17, 

Gbadegesin does not disclose enveloping the original packet to be 
redirected from the packet processor part to the application gateway part 
into an enveloping packet and extracting the original packet from the 
enveloping packet. 

Poier, however, discloses, at the packet processor part: 

Enveloping an original packet to be redirected from the packet 
processor part to the application gateway part into an enveloping packet 
(Page 3, Paragraph 22; and Figure 7); and 

At the application gateway part: 

Extracting the original packet from the enveloping packet (Page 3, 
Paragraph 22; and Figure 7). 

It would have been obvious to one of ordinary skill in the art at the 
time of applicant's invention to incorporate the VPN of Poier into the 
NAT/application gateway of Gbadegesin in order to allow the NAT and 
application gateway to deal with encrypted packets that are part of a VPN 
connection. 
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Claims 5 and 6 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Gbadegesin in view of Poier, further in view of TCP ("The TCP Datagram, I wanted to 
know and now you can too (part 2)", 4/8/2001, pp. 1-3, obtained from 
http://web.archive.Org/web/20010408184021/http://www.daemon.org/tcp. html). 
Regarding Claim 5, 

Gbadegesin as modified by Poier disclose the method of claim 4, 
and further, at the packet processor part: 

Setting the value of a certain bit in the packet to indicate the 
presence of urgent information within the packet (Gbadegesin: Column 9, 
lines 6-25), 

Inserting the original values of the certain fields into the packet 
immediately before the location pointed at by the pointer value (Poier: 
Page 3, Paragraph 22); and 

At the application gateway part: 

Reading the original values of the certain fields from the location in 
the packet pointed at by the pointer value (Poier: Page 3, Paragraph 22); 

But do not explicitly disclose inserting into a pointer field in the 
packet a pointer value that points at the end of urgent information within 
the packet. 

TCP, however, discloses inserting into a pointer field in the packet 
a pointer value that points at the end of urgent information within the 
packet (Pages 1-2). It would have been obvious to one of ordinary skill in 
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the art at the time of applicant's invention to incorporate the datagram of 
TCP into the NAT/application gateway of Gbadegesin as modified by 
Poier because TCP is already used within the combination. The reference 
is solely needed as evidence of what fields are within TCP. 
Regarding Claim 6, 

Gbadegesin as modified by Poier disclose the method of claim 4, 
and further, at the packet processor part: 

Using the TCP protocol (Gbadegesin: Column 9, lines 6-25), 

Inserting the original values of the certain fields into the packet 
(Poier: Page 3, Paragraph 22); and 

At the application gateway part: 

Reading the original values of the certain fields from the packet 
(Poier: Page 3, Paragraph 22). 

Setting the value of an options field in the packet to indicate the 
presence of optional information within the packet (Pages 2-3). It would 
have been obvious to one of ordinary skill in the art at the time of 
applicant's invention to incorporate the datagram of TCP into the 
NAT/application gateway of Gbadegesin as modified by Poier because 
TCP is already used within the combination. The reference is solely 
needed as evidence of what fields are within TCP. 
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Claims 9, 10, and 32 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gbadegesin in view of UDP (Ross et al., "3.3 Connectionless Transport: UDP", 
2000, pp. 1-6, obtained from http://www-net.cs.umass.edu/kurose/transport/UDP.html). 
Regarding Claim 9, 

Gbadegesin does not disclose that the messaging packet is a UDP 
packet. 

UDP, however, discloses that the messaging packet is a UDP 
packet (Pages 1-5). It would have been obvious to one of ordinary skill in 
the art at the time of applicant's invention to incorporate the protocol of 
UDP into the NAT/application gateway of Gbadegesin in order to provide a 
fast protocol that can be used for sending information without requiring 
setup and maintenance of a connection. 
Regarding Claim 10, 

Gbadegesin does not disclose that the step of transmitting the 
messaging packet to the application gateway part is performed more than 
once in order to transmit several redundant copies of the messaging 
packet to the application gateway part. 

UDP, however, discloses that the step of transmitting the 
messaging packet to the application gateway part is performed more than 
once in order to transmit several redundant copies of the messaging 
packet to the application gateway part (Page 1). It would have been 
obvious to one of ordinary skill in the art at the time of applicant's invention 
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to incorporate the protocol of UDP into the NAT/application gateway of 
Gbadegesin in order to provide a fast protocol that can be used for 
sending information without requiring setup and maintenance of a 
connection. 
Regarding Claim 32, 

Gbadegesin does not disclose that the step of indicating from the 
packet processor part to the application gateway part the original values of 
certain information fields comprises at least one repetition in order to 
transmit redundant indications from the packet processor part to the 
application gateway part. 

UDP, however, discloses that the step of indicating from the packet 
processor part to the application gateway part the original values of certain 
information fields comprises at least one repetition in order to transmit 
redundant indications from the packet processor part to the application 
gateway part (Page 1). It would have been obvious to one of ordinary skill 
in the art at the time of applicant's invention to incorporate the protocol of 
UDP into the NAT/application gateway of Gbadegesin in order to provide a 
fast protocol that can be used for sending information without requiring 
setup and maintenance of a connection. 



Claims 11 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gbadegesin in view of Cheng (Cheng et al., "WTCP: an Efficient Transmission 
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Control Protocol for Wired/Wireless Internetworking", 11/11/1999, pp. 176-185, obtained 
from http://nr.stic.gov.tw/ejournal/ProceedingA/v24n3/176-1 85.pdf). 
Regarding Claim 11, 

Gbadegesin does not disclose that the sender transmits the packet 
to the receiver spontaneously. 

Cheng, however, discloses that the sender transmits the packet to 
the receiver spontaneously (Page 177, Section 1). It would have been 
obvious to one of ordinary skill in the art at the time of applicant's invention 
to incorporate the transmission control protocol of Cheng into the 
NAT/application gateway of Gbadegesin in order to allow the system to 
deal with dropped packets and dynamically change its setup so that less 
packets will be dropped during the session. 
Regarding Claim 13, 

Gbadegesin discloses that the application gateway part (receiver) 
transmits to the packet processor part (sender) a query for the original 
values of the certain fields, so that the packet processor part also 
transmits the original values of the certain fields to the application gateway 
part as a response to the query (Column 9, lines 26-44), but does not 
disclose that the sender transmits the packet to the receiver 
spontaneously, and if the receiver has not received such spontaneously 
transmitted packet within a certain time limit, the sender re-sends the 
packet to the receiver. 
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Cheng, however, discloses that the sender transmits the packet to 
the receiver spontaneously, and if the receiver has not received such 
spontaneously transmitted packet within a certain time limit, the sender re- 
sends the packet to the receiver (Page 177, Section 1). It would have 
been obvious to one of ordinary skill in the art at the time of applicant's 
invention to incorporate the transmission control protocol of Cheng into the 
NAT/application gateway of Gbadegesin in order to allow the system to 
deal with dropped packets and dynamically change its setup so that less 
packets will be dropped during the session. 

Claim 18 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Gbadegesin in view of Poier, further in view of Leech (Leech et al., "RFC 1928 - 
SOCKS Protocol Version 5", 3/1996, pp. 1-8, obtained from 
http://www.faqs.org/rfcs/rfc1928.html). 

Gbadegesin as modified by Poier does not disclose a packet according to 
the SOCKS protocol. 

Leech, however, discloses a packet according to the SOCKS protocol 
(Pages 1-8). It would have been obvious to one of ordinary skill in the art at the 
time of applicant's invention to incorporate the SOCKS protocol of Leech into the 
NAT/application gateway of Gbadegesin as modified by Poier in order to provide 
authentication of the NAT to the application gateway, thus making the system 
more secure. 
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(10) Response to Argument 

A. Response to arguments regarding claims 1-3, 7, 8, 12, 14, 19-31, 33-40, 43- 
46, 49-55, 58-63, 66-70, 73, and 74, rejected under 35 U.S.C. 102(e) as being 
anticipated by Gbadegesin: 

Appellant argues that Gbadegesin does not disclose examining data within the 
packet. As Appellants arguments and the discussion thereof show, this is not claimed. 
What is claimed is examining the packet in order to determine whether the packet 
contains digital data that pertains to a certain protocol. 

Appellant provides an analogy (Page 11, final paragraph, and Page 14, second 
paragraph) that a box is analogous to a packet and the contents of the box are 
analogous to data within the packet. By Appellants definition of the box itself being a 
packet and the contents of the box being data within the packet, one can see that the 
claims correlate to examining the box itself (examining the packet). Appellant describes 
that the box can be examined or observed to determine if it has a certain color, is 
sealed in a particular manner, includes an address label etc. and that the contents of 
the box (data in the packet) can be examined to determine if the contents have certain 
characteristics. As can be seen from such an analogy, examining the packet (claimed) 
is different than examining the payload data in the packet (argued). If the claims were 
intended to be as narrow as to examine the payload data of the packet, they would state 
as much. Of course, examining the packet could include examining the payload data 
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within the packet, but such examining of the packet is not limited to such an 
interpretation. 

Any examination of any data of the packet that tells the system that the packet 
contains digital data pertaining to a certain protocol may be used in order to decide how 
to handle that packet. This could come in the form of an address and/or port that shows 
where the packet is being sent and/or what port the packet is being sent to. It could 
come in the form of a simple header that states the protocol, a flag that is set, or by an 
address that explicitly states what protocol is being used (e.g. ftp://<ftpaddress>). 
These are merely examples of possible ways to examine a packet in order to determine 
whether the packet contains digital data related to a certain protocol, and none of them 
require examining the actual payload. There are many ways that an entity can examine 
the packet to determine whether the packet contains digital data pertaining to a certain 
protocol without the need to examine the payload data in order to determine such. The 
data within Gbadegesin that pertains to the certain protocol is clearly digital data since 
the data can be stored on a computing device and operations can be performed thereon 
(e.g. adding value to the data as shown in Column 2, lines 13-17 and Column 8, lines 
16-30). 

Appellant also argues that the examiner argues that the port-redirect command 
of Gbadegesin is equivalent to the certain protocol of the claims. While the section 
referred to by the examiner does discuss a port-redirect command, it is noted that the 
examiner never argued that such a command is equivalent to a protocol. What is 
commanded of the gateway/gNAT may be pertinent to a certain protocol, however. 
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Column 8, line 16 to Column 9, line 5 shows such commanding of the gateway/gNAT by 
the transparent proxy. First, a proxy may determine that all HTTP traffic should be sent 
from the gateway to the proxy: "a process might act as a transparent proxy for HTTP 
sessions" (Column 8, lines 31-32). The proxy then commands the gateway/gNAT to 
forward all HTTP traffic to the proxy: "The port-redirect command tells the API library to 
instruct the network gateway that all sessions destined for TCP port number 80 must be 
directed instead to the transparent proxy's socket" (Column 8, lines 43-46). At this 
point, the proxy has commanded the gateway/gNAT to send all HTTP sessions to the 
proxy. Now, the gateway/gNAT will act on such a command for packets that are sent to 
it. The gateway/gNAT determines whether a packet contains digital data that pertains 
to the certain protocol, based on the commanded redirect: "The network gateway 
determines that the client's connection-request matches the transparent proxy's 
commanded redirect, and it triggers the kernel-mode network address translation 
module" (Column 8, lines 48-52). Finally, the gateway/gNAT performs such forwarding: 
"The network gateway forwards the client's connection-request, which is now destined 
to the transparent proxy instead of the Internet server to which the request was 
originally sent" (Column 8, lines 57-60). Quite clear from this section is the 
gateway/gNAT examining a packet in order to determine whether the packet contains 
digital data pertaining to HTTP, and forwarding such data pertaining to HTTP to the 
transparent proxy. How the protocol is determined to be the certain protocol is 
unimportant to the claimed invention. The protocol could be selected and/or changed 
dynamically as the system runs, assigned by an administrator, predetermined to be 
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static for all connections, specific to a particular device (such as watching for one 
protocol when data is destined for serverl and another protocol when data is destined 
for server2). The certain protocol could be specified by the application gateway part in 
order to inform the packet processor part to redirect all data pertaining to said protocol 
to the application gateway part. The certain protocol could clearly be defined by use of 
the above described port-redirect command. 

Column 7, lines 63-65 shows that "all packets will be observed by the kernel- 
mode translation module 106 before being sent, received, or forwarded." The 
gateway/gNAT observes every packet in order to determine whether the packet should 
be forwarded to the transparent proxy or to the intended destination. While the word 
"examine" may not be used, this observing is equivalent to examining, since the packet 
must be checked in order to determine whether to transmit the packet to the transparent 
proxy or not. 

Appellant argues that Gbadegesin determines whether a packet relates to a 
recognized or unrecognized session. While Gbadegesin does include additional 
functionality, such as redirecting packets to the proxy based on session (Column 7, line 
66 to Column 8, line 15), this does not deter from the fact that Gbadegesin discloses 
examining packets in order to determine whether the packet contains digital data 
pertaining to a certain protocol. 

Additionally noted is that a packet is a set of data comprising fields, headers, 
payload, etc. The fields and headers contain data regarding addresses (source and 
destination), ports, and the like. Examining the packet in order to determine whether 
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the packet contains digital data pertaining to a certain protocol can be as simple as 
checking a port number, to see whether the packet has digital data (in this case the 
digital data in question could merely comprise the port number) pertaining to, e.g. 
HTTP. In other words, if the port number is 80, specifying HTTP, the packet contains 
digital data (the port number) pertaining to HTTP. Digital data contained in the packet 
could be a bit, a field, a header, the payload, the entire packet, etc. Such digital data 
could be any set of data from the first bit to the last bit of the packet; it is not required to 
be the payload of the packet. 

Appellant also argues that the network gateway, and not the gNAT module, 
determines that the client's connection request matches the transparent proxy's 
commanded redirect. As seen in Column 8, lines 7-10, "When the module 106 detects 
any new network session, it determines whether there is a redirect that applies to the 
session. If the module 106 determines that there is a redirect for this session, the 
redirect is activated." From this it is clear that the gNAT module 106, of Gbadegesin 
determines that the client's connection request matches the transparent proxy's 
commanded redirect, the commanded redirect being described above. Also noted is 
that "the proxy application and the gNAT gateway may be physically located on different 
computers" (Column 6, lines 54-56), showing that the gNAT gateway may be a singular 
entity, physically separate from the proxy. 

Appellant also argues that Gbadegesin does not disclose determining if the data 
in the packet conforms to a certain protocol. To further this argument, Appellant states 
that, even if Gbadegesin observes the packet and redirects the packet based on that 
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observation, this is not the same as examining the data within the packet. Once again, 
examining the packet is claimed, not examining the data within the packet. Regarding 
this argument, Appellant also states that, without examining the contents of the packet, 
there is no way to determine if the contents (data) has certain characteristics. This is 
further proof that the claimed examining the packet is not the same as examining the 
payload of the packet (such as checking for certain characteristics within the data). 
Further, Appellant states that Gbadegesin describes examining the packet (Page 14, 
second paragraph). 

B. Response to arguments regarding claims 4, 15-17, 41, 42, 47, 48, 56, 57, 64, 
65, 71, and 72, rejected under 35 U.S.C. 103(a) as being unpatentable over 
Gbadegesin in view of Poier: 

Appellant argues that neither Poier nor Gbadegesin teaches determining whether 
a packet contains digital data that pertains to a certain protocol, processing the packet 
at the packet processor part if the packet is not found to contain digital data that would 
pertain to the certain protocol, and redirecting the packet to the application gateway part 
if the packet is found to contain digital data that pertains to the certain protocol. As 
shown above in section A of the response to arguments, Gbadegesin clearly teaches 
such limitations. Whether or not Poier teaches the same is deemed insignificant. 

C. Response to arguments regarding claims 5 and 6, rejected under 35 U.S.C. 
103(a) as being unpatentable over Gbadegesin in view of Poier, further in view of TCP 
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(or "Datagram"); claims 9, 10, and 32, rejected under 35 U.S.C. 103(a) as being 
unpatentable over Gbadegesin in view of UDP; claims 1 1 and 13, rejected under 35 
U.S.C. 103(a) as being unpatentable over Gbadegesin in view of Cheng; and claim 18, 
rejected under 35 U.S.C. 103(a) as being unpatentable over Gbadegesin in view of 
Leech: 

Appellant argues that these claims are allowable because of their dependence 
on claim 1 . Please refer to section A of the response to arguments for a clear 
discussion on how claim 1 is anticipated by Gbadegesin. 

(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the 
Related Appeals and Interferences section of this examiner's answer. 
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For the above reasons, it is believed that the rejections should be sustained. 
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